Hello ,
I am facing very strange issue on a standalone R81 CP6200.
I've installed Take44 in order to check whether a problem regarding DNS and SecureDNS gets solved. I then uninstalled the hotfix and after that the system boots , recognizes no interfaces at all and InitialPolicy gets installed.
Below I cite an excerpt from the boot process. Note the no igb drivers when it boots as well as the "ls: cannot access /sys/class/net/*/device: No such file or directory"
After logging in expert mode and doing an ifconfig, then no interface is shown apart from docker0 and loopback
Has anyone seen it before ?
Version 2.20.1271. Copyright (C) 2020 American Megatrends, Inc.
CheckPoint Software Technologies LTD, BIOS Rev: QS-20-00-1.4
Boot from Primary BIOS
Press <DEL> or <TAB> to enter setup.
Press <B> to enter BBS POPUP. Press <L> to boot from LAN.
Press U to allow BIOS updates
Starting the system
i8042: No controller found
Reading all physical volumes. This may take a while...
Found volume group "vg_splat" using metadata type lvm2
5 logical volume(s) in volume group "vg_splat" now active
Phase 1 - find and verify superblock...
Phase 2 - using internal log
- zero log...
- scan filesystem freespace and inode maps...
- found root inode chunk
Phase 3 - for each AG...
- scan and clear agi unlinked lists...
- process known inodes and perform inode discovery...
- agno = 0
- agno = 1
- agno = 2
- agno = 3
- process newly discovered inodes...
Phase 4 - check for duplicate blocks...
- setting up duplicate extent list...
- check for inodes claiming duplicate blocks...
- agno = 0
- agno = 2
- agno = 1
- agno = 3
Phase 5 - rebuild AG headers and trees...
- reset superblock...
Phase 6 - check inode connectivity...
- resetting contents of realtime bitmap and summary inodes
- traversing filesystem ...
- traversal finished ...
- moving disconnected inodes to lost+found ...
Phase 7 - verify and correct link counts...
done
Image:ice_main;392 Version:3.10.0-957.21.3cpx86_64
Setting clock (utc): Tue Feb 22 20:24:17 EET 2022 [ OK ]
Starting udev: [ OK ]
Setting hostname Intek-FW: [ OK ]
Setting domain name intertech.gr: [ OK ]
Setting up Logical Volume Management: 5 logical volume(s) in volume group "vg_splat" now active
[ OK ]
Checking filesystems
Checking all file systems.
[/sbin/fsck.xfs (1) -- /] fsck.xfs -a /dev/mapper/vg_splat-lv_current
/sbin/fsck.xfs: XFS file system.
[/sbin/fsck.ext3 (1) -- /boot] fsck.ext3 -a /dev/sda1
INIT: Entering runlevel: 3
Applying Intel CPU microcode update: [ OK ]
Starting LVM metadata daemon: [ OK ]
Starting LVM poll daemon: [ OK ]
Starting LVM poll daemon: [ OK ]
Starting monitoring for VG vg_splat: File descriptor 4 (/ptmx) leaked on vgchange invocation. Parent PID 3230: /bin/bash
File descriptor 7 (/sys/kernel/hotplug) leaked on vgchange invocation. Parent PID 3230: /bin/bash
5 logical volume(s) in volume group "vg_splat" monitored
[ OK ]
Running UP accel driver check.
IP series driver not present
Starting background readahead: [ OK ]
Checking for hardware changes [ OK ]
Configuring ipv6 kernel support: ipv6_xlate[5837]: ipv6_xlate: FW ipv6 state OFF
[ OK ]
Starting kdump:[ OK ]
Adding default namespace [ OK ]
/etc/rc3.d/S08start_bfm: line 10: /usr/lib/smo/liblog.sh: No such file or directory
Inserting ipsctl_kern_64_3_10_64: [ OK ]
FW1: Kernel mode enabled
no ixgbe interfaces on the machine
no igb interfaces on the machine
no mlx5_core interfaces on the machine
no i40e interfaces on the machine
CKP: Loading SecureXL: [ OK ]
CKP: Loading FW-1 IPv4 Instance 0: [ OK ]
CKP: Loading FW-1 IPv4 Instance 1: [ OK ]
CKP: Loading FW-1 IPv4 Instance 2: [ OK ]
Starting start_bfd: [ OK ]
Starting start_wrp: Loading wrp module
[ OK ]
Starting auditd: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Inserting adp_kern_64_3_10_64: [ OK ]
No accel HW present
ADP device major number: 237
Update Interfaces in Database: ls: cannot access /sys/class/net/*/device: No such file or directory
48 bindings were imported
[ OK ]
Generating vrfs: [ OK ]
Configuring NetAccess: [ OK ]
Generating NTP configuration: [ OK ]
Generating Time Zone configuration: [ OK ]
Generating domain name configuration: [ OK ]
Generating keyboard mapping configuration: [ OK ]
Generating hostname configuration: [ OK ]
Configuring Interfaces: [ OK ]
Generating /etc/monitor_mode: [ OK ]
Generating /etc/fonic_pairs: [ OK ]
Configuring NDP: [ OK ]
Generating hosts.conf: [ OK ]
Generating resolv.conf: [ OK ]
Generating dhclient.conf: [ OK ]
Generating pwcontrol.conf [ OK ]
Generating passwd + shadow [ OK ]
Generating group + gshadow [ OK ]
Generating routed.conf [ OK ]
Generating routed0.conf [ OK ]
Generating extended commands: [ OK ]
Generating MOTD: [ OK ]
Generating banner message: [ OK ]
Generating hostname caption file: [ OK ]
Generating /etc/raddb/server: [ OK ]
Generating TACACS+ configuration: [ OK ]
Generating /etc/msmtp.conf: [ OK ]
Generating /etc/pam.d/system-auth: [ OK ]
Generating /etc/sysconfig/external.if: [ OK ]
Generating /etc/lldpd.conf: [ OK ]
Generating DHCP server configuration: Write DSTATE called
ServerConfigured = 1
DdnsConfigured = 0
[ OK ]
Generating /etc/adjust_radius: [ OK ]
Running /bin/arp_xlate: [ OK ]
Generating SNMP configuration: [ OK ]
Generating SNMP Monitor configuration: [ OK ]
Generating Job Scheduler configuration: [ OK ]
Updating general configuraion file: [ OK ]
Updating syslogd configuration: Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
[ OK ]
Updating httpd2 configuration: [ OK ]
Updating httpd-ssl configuration: [ OK ]
Applying NetFlow configuration [ OK ]
Applying pbrroute configuration [ OK ]
Configuring PPPoE: [ OK ]
Configuring hostaccess: [ OK ]
Updating SSH host access: sshd_config parsing starting...[ OK ]
Configuring Management data plane: [ OK ]
Generating /etc/ipv6_params: [ OK ]
CPshell initialization: [ OK ]
Initializing CP Process Manager..
Starting cp_pm_rl2: [ OK ]
Starting cp_pm_rl3: [ OK ]
Starting cp_pm_rl4: [ OK ]
Starting acpi daemon: [ OK ]
Starting sshd:[ OK ]
Starting arp:
Starting xinetd: [ OK ]
Starting bp_init: [ OK ]
Starting bypass_off: [ OK ]
Starting crond: [ OK ]
Starting docker_manager: Successfully mounted cgroup filesystem.
Docker daemon successfully started.
[ OK ]
Starting cpri_d: cpridstart: Starting cprid
[1] 8448
[ OK ]
Starting cpboot:
SVN Foundation: Starting cpWatchDog
Starting cpviewd
starting the cpview_services daemon
cpwd_admin:
Process CPVIEWS started successfully (pid=8651)
starting sxl_statd
cpwd_admin:
Process SXL_STATD started successfully (pid=8654)
Starting Critical Alerts Sensor...
SVN Foundation: Starting cpd
Multiportal daemon: starting mpdaemon
SVN Foundation started
MAAS is not installed
FW-1: loading tp_conf_service
FireWall-1: Starting fwd
FireWall-1: Starting cpm. Please wait...
[1] 8847
FireWall-1: Finished starting cpm successfully
FireWall-1: Starting fwm (Security Management Server)
FireWall-1: Starting CPU Spike Detective
SecureXL disabled, cannot use affinity commands
sim_register_adp_service: SecureXL device 0 assigned client ID 0
SecureXL device is enabled. sxl_dev_id=0
fw_register_adp_service: FW assigned client ID 1
fw_register_adp_service: FW registered successfully with ADP driver. vsid 0
SecureXL device is enabled. sxl_dev_id=0
fw_register_adp_service: already registered
FireWall-1: Fetching policy
Installing Security Policy InitialPolicy on all.all@Intek-FW
Fetching Security Policy from localhost succeeded
Installing Threat Prevention policy from local
malware_tp_conf_reload: Reload(/opt/CPsuite-R81/fw1/state/local/AMW) failed ()
malware_load: malware_tp_conf_reload( dir=/opt/CPsuite-R81/fw1/state/local/AMW ) failed
Fetching Threat Prevention policy failed
HA not installed
Failed to enable SecureXL device - no license.
sim affinityload_no_mq_reconf
FireWall-1: enabling bridge forwarding
FireWall-1 started
FireWall-1: start External IOC
FireWall-1: start IOC blacklist
Dynamic Balancing is not supported on security gateways with GNAT disabled
FloodGate-1 is disabled. If you wish to start the service, please run 'etmstart enable'.
SmartView Monitor: Not active
Start Search Infrastructure...
index mode was set to true
cpwd_admin:
Process SOLR started successfully (pid=15109)
Starting RFL ...
cpwd_admin:
Process RFL started successfully (pid=15136)
Starting SmartView ...
Starting SmartView...
cpwd_admin:
Process SMARTVIEW started successfully (pid=15180)
Start Log Indexer...
cpwd_admin:
Process INDEXER started successfully (pid=15210)
Start SmartLog Server...
cpwd_admin:
Process SMARTLOG_SERVER started successfully (pid=15288)
evstart: Starting product - SmartEvent Server
evstart: Starting product - SmartEvent Correlation Unit
Check Point SmartEvent Server started
Check Point SmartEvent Correlation Unit started
UEPM: Endpoint Security Management isn't activated and will not be started
Mobile Access: cvpnd is already running - not registering
Mobile Access: Gateway is not a cluster member
Mobile Access: Starting MoveFileDemuxer service (if needed)
MoveFileDemuxer is already running
Mobile Access: dbwriter is already running
Mobile Access: cvpnproc is already running
Mobile Access: MoveFileServer is already running
Mobile Access: UserMonitor is already running
Mobile Access: Pinger is already running
Mobile Access: IdlePinger is already running
Mobile Access: CvpnAnalytics is already running
Mobile Access: cvpnd is already running
Mobile Access: Clearing portal rendering cache in all sessions.
Mobile Access: GuacDispatcher is already running
Mobile Access: Successfully started Mobile Access services.
cpwd_admin:
Process DASERVICE started successfully (pid=15646)
cpwd_admin:
Process AUTOUPDATER started successfully (pid=15654)
cpstart: Power-Up self tests passed successfully
cpstart: Starting product - SVN Foundation
cpstart: Starting product - VPN-1
cpstart: Starting product - FloodGate-1
cpstart: Starting product - SmartView Monitor
cpstart: Starting product - Eventia Suite
cpstart: Starting product - UEPM
cpstart: Starting product - Mobile Access
cpstart: Starting product - Repository Managment
cpstart: Starting product - Deployment Agent
cpstart: Starting product - Auto Updater
cpstart: Starting product - VSX
*****************************************************************************************************
Warning: You are required to deploy a Software Blade license instead of your NGX license.
For more details go to http://www.checkpoint.com/software-blades
or contact Account Services.
*****************************************************************************************************
[ OK ]
Starting cpboot_refetch: [ OK ]
Running hcp_ext: kernel.printk = 0 1 0 1
Setting vm.min_free_kbytes=67584->135168
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
Waiting for Clish to be ready...
Clish is ready
Starting start_cppcap: [ OK ]
Starting start_mdps: [ OK ]
Inserting vrrp_lkm_kern_64: [ OK ]
Starting
This system is for authorized use only.
login: admin
Password:
Last login: Tue Feb 22 20:20:26 on ttyS0
Intek-FW> show interfafes
CLINFR0329 Invalid command:'show interfafes'.
Intek-FW> show interfaces
lo
Intek-FW> show interface eth1
NMSETH0049 Invalid Interface name
show interface eth1
-----^^^^^^^^^^^^^^
Intek-FW>
Intek-FW>
Intek-FW> expert
Enter expert password:
Warning! All configurations should be done through clish
You are in expert mode now.
[Expert@Intek-FW:0]#
[Expert@Intek-FW:0]#
[Expert@Intek-FW:0]# ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:E9:F7:C3:25
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback Media:unknown(auto)
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING PROMISC DYNAMIC MTU:65536 Metric:1
RX packets:7230 errors:0 dropped:0 overruns:0 frame:0
TX packets:7230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16410324 (15.6 MiB) TX bytes:16410324 (15.6 MiB)
